Lucene search
+L

65 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/26 4:19 p.m.3 views

CVE-2026-3116

Mattermost Plugins versions =11.4 11.0.4 11.1.3 11.3.2 10.11.11.0 fail to validate incoming request size which allows an authenticated attacker to cause service disruption via the webhook endpoint. Mattermost Advisory ID: MMSA-2026-00589...

4.9CVSS5.8AI score0.00344EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/26 4:19 p.m.3 views

CVE-2026-3116 Improper Input Validation in Zoom Plugin Webhook Handler

Mattermost Plugins versions =11.4 11.0.4 11.1.3 11.3.2 10.11.11.0 fail to validate incoming request size which allows an authenticated attacker to cause service disruption via the webhook endpoint. Mattermost Advisory ID: MMSA-2026-00589...

4.9CVSS5.8AI score0.00344EPSS
Exploits0References1
CVE
CVE
added 2026/03/26 4:19 p.m.14 views

CVE-2026-3116

CVE-2026-3116 affects Mattermost Plugins with versions

4.9CVSS5.8AI score0.00344EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/26 3:8 p.m.5 views

CVE-2026-2461

Mattermost Plugins versions =11.3 11.0.3 11.2.2 10.10.11.0 fail to implement authorisation checks on comment block modifications, which allows an authorised attacker with editor permission to modify comments created by other board members. Mattermost Advisory ID: MMSA-2025-00559...

4.3CVSS5.8AI score0.00162EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:0 p.m.6 views

CVE-2026-2476

Mattermost Plugins versions =2.0.3.0 fail to properly mask sensitive configuration values which allows an attacker with access to support packets to obtain original plugin settings via exported configuration data. Mattermost Advisory ID: MMSA-2026-00606...

7.6CVSS5.8AI score0.0018EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/26 12:0 a.m.9 views

PT-2026-28420

Name of the Vulnerable Software and Affected Versions Mattermost Plugins versions 10.11.11.0 and 11.4 Description Mattermost plugins do not properly validate timestamps in webhook requests. This allows an attacker to repeatedly send webhook requests, potentially corrupting the state of Zoom...

2.2CVSS5.9AI score0.00291EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/03/26 12:0 a.m.13 views

Mattermost Plugins 安全漏洞

Mattermost Plugins is a plugin provided by the American company Mattermost, offering powerful feature extensions and tight integration with servers and web/dashboard applications. There are security vulnerabilities in versions prior to 11.4, 11.0.4, 11.1.3, 11.3.2, and 10.11.11.0. These...

4.9CVSS5.8AI score0.00344EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/26 12:0 a.m.15 views

PT-2026-28425

Name of the Vulnerable Software and Affected Versions Mattermost Plugins versions 10.11.11.0 through 11.4 Description The software does not properly check the size of incoming requests, potentially allowing an authenticated attacker to disrupt service through the webhook endpoint. The issue affec...

4.9CVSS5.9AI score0.00344EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/16 3:30 p.m.9 views

EUVD-2026-12411

Mattermost Plugins versions =11.3 11.0.3 11.2.2 10.10.11.0 fail to implement authorisation checks on comment block modifications, which allows an authorised attacker with editor permission to modify comments created by other board members. Mattermost Advisory ID: MMSA-2025-00559...

4.3CVSS5.8AI score0.00162EPSS
Exploits1References2
NVD
NVD
added 2026/03/16 2:19 p.m.6 views

CVE-2026-2476

Mattermost Plugins versions =2.0.3.0 fail to properly mask sensitive configuration values which allows an attacker with access to support packets to obtain original plugin settings via exported configuration data. Mattermost Advisory ID: MMSA-2026-00606...

7.6CVSS0.0018EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/16 11:16 a.m.29 views

CVE-2026-2461 Missing authorization check allows unauthorized modification of other users' comments on a board

Mattermost Plugins versions =11.3 11.0.3 11.2.2 10.10.11.0 fail to implement authorisation checks on comment block modifications, which allows an authorised attacker with editor permission to modify comments created by other board members. Mattermost Advisory ID: MMSA-2025-00559...

4.3CVSS0.00162EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/03/16 11:16 a.m.1 views

CVE-2026-2461 Missing authorization check allows unauthorized modification of other users' comments on a board

Mattermost Plugins versions =11.3 11.0.3 11.2.2 10.10.11.0 fail to implement authorisation checks on comment block modifications, which allows an authorised attacker with editor permission to modify comments created by other board members. Mattermost Advisory ID: MMSA-2025-00559...

4.3CVSS5.8AI score0.00162EPSS
Exploits1References1
CVE
CVE
added 2026/03/16 11:16 a.m.21 views

CVE-2026-2461

Mattermost Plugins versions

4.3CVSS5.8AI score0.00162EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2026/03/16 11:16 a.m.6 views

CVE-2026-2461 Missing authorization check allows unauthorized modification of other users' comments on a board

Mattermost Plugins versions =11.3 11.0.3 11.2.2 10.10.11.0 fail to implement authorisation checks on comment block modifications, which allows an authorised attacker with editor permission to modify comments created by other board members. Mattermost Advisory ID: MMSA-2025-00559...

4.3CVSS6.4AI score0.00162EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/03/16 11:11 a.m.10 views

CVE-2026-2476

Mattermost Plugins versions =2.0.3.0 fail to properly mask sensitive configuration values which allows an attacker with access to support packets to obtain original plugin settings via exported configuration data. Mattermost Advisory ID: MMSA-2026-00606...

7.6CVSS5.8AI score0.0018EPSS
Exploits0References2
OSV
OSV
added 2026/03/16 11:11 a.m.6 views

CVE-2026-2476 MS Teams plugin sensitive config values not properly masked in support packets

Mattermost Plugins versions =2.0.3.0 fail to properly mask sensitive configuration values which allows an attacker with access to support packets to obtain original plugin settings via exported configuration data. Mattermost Advisory ID: MMSA-2026-00606...

7.6CVSS6.4AI score0.0018EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/16 12:0 a.m.9 views

Mattermost Plugins 安全漏洞

Mattermost Plugins is a plugin provided by the American company Mattermost, offering powerful feature extensions and tight integration with servers and network/desktop applications. Versions 11.3, 11.0.3, 11.2.2, and 10.10.11.0 of Mattermost Plugins contain security vulnerabilities. These...

4.3CVSS6.4AI score0.00162EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.10 views

PT-2026-25680

Name of the Vulnerable Software and Affected Versions Mattermost Plugins versions through 2.0.3.0 Description The Mattermost plugins do not properly mask sensitive configuration values. This allows an attacker with access to support packets to obtain original plugin settings through exported...

7.6CVSS5.8AI score0.0018EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/03/16 12:0 a.m.8 views

Mattermost Plugins 安全漏洞

Mattermost Plugins is a plugin provided by the American company Mattermost, offering powerful feature extensions and tight integration with servers and network/desktop applications. Versions of Mattermost Plugins 2.0.3.0 and earlier contain security vulnerabilities. These vulnerabilities stem fro...

7.6CVSS6.4AI score0.0018EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-11401

Malware in sbrugna...

7.5CVSS7.5AI score0.00872EPSS
Exploits0References2
Rows per page
Query Builder